Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/7IKzAOKOOSPPOSLrU_44nI18JQg.roa
File: 7IKzAOKOOSPPOSLrU_44nI18JQg.roa (raw, json)
Hash identifier: 4AhzephQwE8/vGxGmWUviTC+muLCoFMtlspXXeIl0Ro=
Subject key identifier: EC:82:B3:00:E2:8E:39:23:CF:39:22:EB:53:FE:38:9C:8D:7C:25:08
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019E3C562080CFFD982B0D55B6FF87FE46A9
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/7IKzAOKOOSPPOSLrU_44nI18JQg.roa
Signing time: Mon 18 May 2026 18:25:37 +0000
ROA not before: Mon 18 May 2026 18:25:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 400909
IP address blocks: 2.27.138.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 21:05:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3c:56:20:80:cf:fd:98:2b:0d:55:b6:ff:87:fe:46:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 18 18:25:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ec82b300e28e3923cf3922eb53fe389c8d7c2508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ce:53:be:01:ed:bb:25:20:00:95:e6:7e:69:
63:c9:0b:3c:05:d6:1c:1b:f0:db:88:80:54:f5:79:
d8:54:51:c1:19:2b:f4:23:34:05:83:e8:f6:4a:8c:
c7:94:13:1b:8f:ae:0b:68:5e:49:32:87:f0:b2:dd:
38:2c:18:73:4a:ab:ac:49:2d:a3:f0:b4:41:90:a9:
7c:2c:ed:b8:3a:e0:10:3d:a6:46:f6:e3:01:09:55:
49:06:75:50:1b:7b:bd:af:c0:80:bb:b2:c8:67:d3:
34:1a:83:03:8a:21:fc:48:01:ba:89:08:76:d8:81:
09:2c:c6:2c:f7:22:65:5f:9a:68:f5:c4:fd:f9:f9:
48:c5:51:cd:96:e0:72:09:cd:c4:c6:f5:40:4a:fe:
4b:6b:6a:99:6f:d7:d0:9c:9e:2e:05:75:b7:00:d3:
89:5e:d6:6e:54:f2:76:a8:1e:15:21:f7:7c:34:7e:
b6:26:b8:dd:a0:85:13:79:22:a3:c6:fd:08:ee:5e:
22:9d:5f:fb:04:10:b4:29:24:10:ed:cf:2d:0f:23:
23:43:ad:90:5a:29:c0:f8:45:61:5d:05:fa:37:f8:
83:09:f4:96:f5:09:19:42:0a:02:9f:2b:ae:3a:d6:
9c:70:c5:54:62:d1:20:3e:9a:ea:19:60:b8:9f:5d:
91:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:82:B3:00:E2:8E:39:23:CF:39:22:EB:53:FE:38:9C:8D:7C:25:08
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/7IKzAOKOOSPPOSLrU_44nI18JQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.138.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:c2:2e:85:f5:86:d5:bd:a7:6d:0f:76:af:f2:7e:8c:91:a2:
e9:3e:ba:cf:ad:22:49:ee:7d:43:f2:6c:76:3e:48:82:41:6a:
78:5c:1d:05:b0:43:18:bc:80:aa:65:d7:30:00:f0:a2:01:de:
95:42:c2:36:28:14:08:f0:58:84:37:ea:7d:08:6d:88:eb:5c:
2f:61:73:54:69:30:00:e2:5a:e2:ef:21:7f:40:1e:59:40:f3:
df:db:dd:76:58:c1:93:c1:1e:9e:f0:99:86:37:87:ac:fe:15:
9d:bc:75:69:42:84:d9:cf:37:81:eb:56:79:84:53:ad:bc:f1:
85:d3:a4:d6:52:9e:dc:3f:52:c9:1c:b9:96:db:07:7e:7d:25:
9c:86:7b:99:c6:e8:50:0b:05:c1:c8:2b:88:24:70:fc:bd:b3:
88:73:4e:03:2c:b0:cb:e4:2b:ae:5a:a0:3e:cd:47:bd:1c:b5:
4e:0d:f6:3a:70:c1:5f:a6:c9:6a:c4:4b:7e:89:46:e1:50:81:
cd:1a:bf:7d:76:46:1c:c9:32:d2:c3:7b:8a:3d:f8:a2:fd:25:
31:c3:94:75:05:32:16:5f:bf:ba:aa:f5:b6:25:94:5d:c0:18:
4a:c9:6e:31:ec:e7:e1:e9:06:41:bb:da:73:ba:d2:91:7b:41:
9c:5a:3c:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ48ViCAz/2YKw1Vtv+H/kapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNTE4MTgyNTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzgyYjMwMGUyOGUzOTIzY2YzOTIyZWI1M2ZlMzg5YzhkN2MyNTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM5TvgHtuyUgAJXmfmljyQs8BdYc
G/DbiIBU9XnYVFHBGSv0IzQFg+j2SozHlBMbj64LaF5JMofwst04LBhzSqusSS2j
8LRBkKl8LO24OuAQPaZG9uMBCVVJBnVQG3u9r8CAu7LIZ9M0GoMDiiH8SAG6iQh2
2IEJLMYs9yJlX5po9cT9+flIxVHNluByCc3ExvVASv5La2qZb9fQnJ4uBXW3ANOJ
XtZuVPJ2qB4VIfd8NH62JrjdoIUTeSKjxv0I7l4inV/7BBC0KSQQ7c8tDyMjQ62Q
WinA+EVhXQX6N/iDCfSW9QkZQgoCnyuuOtaccMVUYtEgPprqGWC4n12RMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOyCswDijjkjzzki61P+OJyNfCUIMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvN0lLekFPS09PU1BQT1NMclVfNDRuSTE4SlFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBAhuKMA0G
CSqGSIb3DQEBCwUAA4IBAQCbwi6F9YbVvadtD3av8n6MkaLpPrrPrSJJ7n1D8mx2
PkiCQWp4XB0FsEMYvICqZdcwAPCiAd6VQsI2KBQI8FiEN+p9CG2I61wvYXNUaTAA
4lri7yF/QB5ZQPPf2912WMGTwR6e8JmGN4es/hWdvHVpQoTZzzeB61Z5hFOtvPGF
06TWUp7cP1LJHLmW2wd+fSWchnuZxuhQCwXByCuIJHD8vbOIc04DLLDL5CuuWqA+
zUe9HLVODfY6cMFfpslqxEt+iUbhUIHNGr99dkYcyTLSw3uKPfii/SUxw5R1BTIW
X7+6qvW2JZRdwBhKyW4x7Ofh6QZBu9pzutKRe0GcWjwe
-----END CERTIFICATE-----
Generated at Thu Jun 4 07:07:41 2026 by rpki-client